Chapter 9 Review Question Answers
- A RADIUS authentication server requires that the _____ be authenticated first.
  - authentication server
  - supplicant
  - authenticator
  - user
- Each of the following makes up the AAA elements in network security except ______.
  - controlling access to network resources (authentication)
  - enforcing security policies (authorization)
  - determining user need (analyzing)
  - auditing usage (accounting)
- With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.
  - RDAP
  - DAP
  - RADIUS
  - AAA
- _____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
  - IEEE 802.1x
  - RADIUS
  - Kerberos
  - LDAP
- The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.
  - DAP
  - LDAP
  - IEEE X.501
  - Lite RDAP
- A user entering her username would correspond to the _____ action in access control.
  - authentication
  - identification
  - authorization
  - access
- A process functioning on behalf of the user that attempts to access a file is known as a(n) ______.
  - object
  - subject
  - resource
  - operation check
- The individual who periodically reviews security settings and maintains records of access by users is called the _____.
  - supervisor
  - owner
  - custodian
  - manager
- In the _____ model, the end user cannot change any security settings.
  - Discretionary Access Control
  - Security Access Control
  - Mandatory Access Control
  - Restricted Access Control
- Rule Based Access Control _____.
  - is considered obsolete today
  - dynamically assigns roles to subjects based on rules
  - is considered a real-world approach by linking a user’s job function with security
  - requires that a custodian set all rules
- Separation of duties requires that _____.
  - processes should be divided between two or more individuals
  - end users cannot set security for themselves
  - managers must monitor owners for security purposes
  - jobs be rotated among different individuals
- _____ in access control means that if a condition is not explicitly met then access is to be rejected.
  - Denial of duties
  - Implicit deny
  - Explicit rejection
  - Prevention control
- A(n) _____ is a set of permissions that is attached to an object.
  - access control list (ACL)
  - Subject Access Entity (SAE)
  - object modifier
  - security entry designator
- _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
  - Windows Register Settings
  - Group Policy
  - Resource Allocation Entities
  - AD Management Services (ADMS)
- A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
  - SQL/LDAP insert attack
  - modified Trojan attack
  - LDAP injection attack
  - RBASE plug-in attack
- The least restrictive access control model is _____.
  - Role Based Access Control (RBAC)
  - Mandatory Access Control (MAC)
  - Discretionary Access Control (DAC)
  - Rule Based Access Control (RBAC)
- The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
  - Enterprise Security
  - least privilege
  - deny all
  - Mandatory Limitations
- A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
  - owner
  - custodian
  - end user
  - administrator
- In the Mandatory Access Control (MAC) model, every subject and object _____.
  - is restricted and cannot be accessed
  - is assigned a label
  - can be changed by the owner
  - must be given a number from 200–900
- A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
  - orphaned
  - limbo
  - static
  - dormant